Cyber Security Analyst
Rocky View County values our employees and provides a welcoming and stable work environment where positive energy, creativity, and a service mindset are encouraged. We seek individuals who enjoy making a difference and contributing meaningfully to a vibrant community. Our valued and diverse team of 500+ employees is provided with the same concern, respect, and caring attitude as the 45,000 people who call Rocky View County home.
At Rocky View County we value employee work/life balance. Staff are provided with opportunities to grow professionally while being supported with paid training, a competitive salary, benefits after 30 days, 27 paid days off in their first year, plus general holidays, a pension plan, paid sick time, and a hybrid work environment for eligible positions.
Position Summary
The Cyber Security Analyst safeguards municipal infrastructure, digital services, and critical IT/OT environments. This role leads the charge in monitoring, detecting, and mitigating cyber threats while proactively hardening Microsoft 365 and on-premises ecosystems. Beyond technical defense, the position serves as a key advisor in developing security policies and fostering a culture of cyber-awareness to ensure that staff and residents can rely on secure, uninterrupted services.
Core Accountabilities
Security Operations & Incident Response
- Monitor & Triage: Oversee SIEM and EDR alerts; investigate, contain, and remediate emerging threats.
- Incident Management: Execute incident handling playbooks and coordinate response efforts with departmental business owners.
- Threat Hunting: Proactively hunt for vulnerabilities using logs, telemetry, and intelligence from the Canadian Centre for Cyber Security (CCCS).
- Optimization: Continuously tune detections and use cases to improve accuracy and reduce false positives.
- Assessment: Conduct regular vulnerability scans, validate risk levels, and track remediation through to completion.
- Best Practices: Advise on secure configurations for Windows, M365, Azure, and cloud applications aligned with CIS Benchmarks.
- Infrastructure Security: Support patch governance and establish configuration baselines for all municipal assets.
- OT/SCADA Support: Provide monitoring and security support for water/wastewater SCADA networks; maintain strict segmentation and vendor access reviews.
- Identity Governance: Administer Entra ID (Azure AD), MFA, Conditional Access, and privileged access models (PIM) following a Least-Privilege principle.
- Communication Security: Maintain phishing protection, anti-malware, and DMARC/DKIM/SPF protocols.
- Endpoint & Network: Manage endpoint protection (Intune), firewall configurations, and access control systems.
- Strategic Alignment: Drive the County's security program forward by aligning controls with NIST CSF, CIS Controls, and ISO/IEC 27001.
- Privacy & Records: Ensure all security operations and data handling align with ATIA and POPA requirements, maintaining forensic integrity and log retention for potential investigations.
- Risk Oversight: Maintain asset and risk registers; review and approve security exceptions and change requests.
- Act in a professional and responsible manner to protect the integrity of employees and the business of Rocky View County.
- Display a professional and ethical responsibility to protect privacy, use information appropriately, and maintain the confidentiality and security of all information related to employees, business, and residents of Rocky View County.
- Work in accordance with the requirements established by the RVC Health and Safety Program and the Alberta OHS Act, Regulation and Code.
- Take reasonable care to protect their own health and safety and that of other persons at or in the vicinity of the worksite while they are working.
- Perform other duties and special projects as assigned.
A combination of a degree or diploma in Computer Science, InfoSec, or a related field (or an equivalent mix of education and experience) along with 5–7+ years in IT security operations or network/systems roles with hands-on incident response experience.
Previous experience in the public sector or municipal government is considered a strong asset.
Technical Proficiencies
- Deep understanding of the Incident Response Lifecycle.
- Advanced knowledge of Windows Security, Active Directory/Entra ID, and Network fundamentals (TLS, DNS, VPN).
- Proficiency in PowerShell for security automation.
- Ability to translate complex technical risks into clear reports for non-technical stakeholders.
- Required (within 12 months): CompTIA Security+ AND (Microsoft SC-200 OR AZ-500).
- Preferred: CISSP, CISM, GCIH (Incident Handler), or GICSP (Critical Infrastructure/OT).
- Demonstrated strong analytical rigor by remaining calm, methodical, and effective when leading the response to high-pressure security incidents.
- Maintain a service-excellence mindset, viewing security as a business enabler and using plain language to guide and empower staff across the organization.
- Uphold the highest standards of integrity, exercising absolute discretion and confidentiality when handling sensitive municipal data.
- Committed to continuous professional growth, actively staying ahead of the evolving threat landscape to protect the County's interests.
- Excellent communication and interpersonal skills, with the ability to explain technical concepts to non-technical users.
- Strong problem-solving and analytical abilities, with a focus on delivering practical and effective solutions.
- Demonstrated leadership and mentorship capabilities, with a commitment to fostering a collaborative team environment.
- Highly self-directed, with the ability to prioritize tasks, manage time effectively, and adapt to changing priorities.
- A customer-focused mindset, with a dedication to providing exceptional service and support.
We thank applicants for their interest. Only those selected for an interview will be contacted.
Applications can be submitted online at
Closing Date: Open until a suitable candidate is found.